2 matches found
CVE-2019-20786
handleIncomingPacket in conn.go in Pion DTLS before 1.5.2 lacks a check for application data with epoch 0, which allows remote attackers to inject arbitrary unencrypted data after handshake completion...
CVE-2019-20786
CVE-2019-20786 (Pion DTLS) : The vulnerability exists in handleIncomingPacket (conn.go) of Pion DTLS prior to 1.5.2, which does not check application data with epoch 0. This allows remote attackers to inject arbitrary unencrypted data after the DTLS handshake. Affected software: Pion DTLS (versio...